wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-01-27 21:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,283 Commits 12 Branches 184 Tags
d4d6346ee5e7a31bcc4cf307bcbc2d5fcbd82c93
Commit Graph

2351 Commits

Author SHA1 Message Date
MJSPollard
d4d6346ee5 fixed unused variable error 2018-09-13 08:47:01 -06:00
MJSPollard
7457ab3e14 added define to work with certain enabled options 2018-09-12 23:37:31 -06:00
MJSPollard
037151eae0 Merge branch 'master' of https://github.com/wolfSSL/wolfssl into benchmarkCSV 2018-09-12 23:32:45 -06:00
toddouska
581f72adf8 Merge pull request #1822 from dgarske/fixes_async 
Fix for dh_test to make sure the provided agree size is populated
 2018-09-12 13:03:04 -07:00
toddouska
5b985c7dbd Merge pull request #1821 from dgarske/nxp-ltc 
Fixes for NXP LTC support with K82
 2018-09-12 13:02:21 -07:00
MJSPollard
d280359548 added option to print wolfcrypt benchmark tests in CSV format 2018-09-11 14:49:54 -06:00
Eric Blankenhorn
01dc018cda Make DecodedCert elements available with WOLFSSL_CERT_EXT 2018-09-11 10:41:12 -05:00
David Garske
f48e2067ae Added new API wolfSSL_CTX_load_verify_chain_buffer_format for loading CA cert chain as DER buffer list including API unit test. Support for device serial number OID. 2018-09-10 08:15:17 -07:00
David Garske
2c5b0d82da Fix for dh_test to make sure the provided agree size is populated. This resolves issue with async and QuickAssist DH. 2018-09-10 07:13:52 -07:00
David Garske
a2be7590d1 Fixes for NXP LTC support with K82. Fix for SHA384/512. Fix for AES CBC not storing previous IV. Fix for wc_AesSetKey arg check. Fix for AES GCM IV != 12 test. Changed LTC default in settings.h to not enable SHA512 and Ed/Curve25519. Tested using Rowley Crossworks v4.2.0 on a FRDM-K82F. There is an initial stack pointer issue with the arm-startup code here for Rowley still outstanding, but these fixes are valid as-is. 2018-09-10 07:13:32 -07:00
Eric Blankenhorn
412eecd51a Add wc_SetIssuerRaw and EncodeCert with raw fields (#1798) 
* Make cert with raw issuer
* Add wc_SetIssuerRaw
* Use issuer raw in EncodeCert
 2018-09-07 16:22:23 -07:00
Daniele Lacamera
27555d6eb7 Fix old-style function definitions 2018-09-07 09:13:20 +02:00
David Garske
ae3d8d3779 * Fixed wolfSSL_CTX_load_verify_locations to continue loading if there is an error (ZD 4265). 
* Added new `wolfSSL_CTX_load_verify_locations_ex` that supports flags `WOLFSSL_LOAD_FLAG_IGNORE_ERR`, `WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY` and `WOLFSSL_LOAD_FLAG_PEM_CA_ONLY`.
* Fix for `PemToDer` to handle PEM which may include a null terminator in length at end of file length causing wrong error code to be returned. Added test case for this. (ZD 4278)
* Added macro to override default flags for `wolfSSL_CTX_load_verify_locations` using `WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS`.
* Added tests for loading CA PEM's from directory using `wolfSSL_CTX_load_verify_locations` and `wolfSSL_CTX_load_verify_locations_ex` with flags.
* Added tests for `wolfSSL_CertManagerLoadCABuffer`.
* Updated the expired test certs and added them to `./certs/test/gen-testcerts.sh` script.
 2018-09-06 12:51:22 -07:00
David Garske
d998d10f02 Merge pull request #1805 from dgarske/fix_csr 
Fix for CSR generation email value
 2018-09-05 19:44:41 -07:00
Quinn Miller
b8605fa544 Fixed typo in fp_mul_comba_7 2018-09-05 14:51:50 -06:00
David Garske
d432d346aa Merge pull request #1809 from cconlon/stm32rngfix 
enable RNG clock when WOLFSSL_STM32F427_RNG is defined
 2018-09-04 17:21:01 -07:00
Eric Blankenhorn
28ad8e591d Adding comment for empty case in GetNameType 2018-09-04 18:08:40 -05:00
toddouska
bac8b78a8c Merge pull request #1803 from SparkiDev/tfm_stack 
Small stack for fast math code
 2018-09-04 15:57:59 -07:00
toddouska
8e67ef33b2 Merge pull request #1799 from SparkiDev/cert_vfy_small 
Smaller dynamic memory usage in TLS
 2018-09-04 15:40:11 -07:00
Chris Conlon
d3ea903c55 enable RNG clock when WOLFSSL_STM32F427_RNG is defined 2018-09-04 16:13:09 -06:00
Sean Parkinson
17a70aee1b Added test and minor fixes for CheckCertSignature 2018-09-03 10:50:47 +10:00
Sean Parkinson
4d0478a287 Fix fp_div_2d to return remainder correctly 
If a == c are then a and c don't equal d:
calculate d before c
If a != c then a doesn't change in calculating c:
calculate d after c
 2018-09-03 08:32:55 +10:00
David Garske
6171e29fe8 Fix for CSR generation after PR (https://github.com/wolfSSL/wolfssl/pull/1734). This resolves issue with email name in CSR. (Thanks to Forum post https://www.wolfssl.com/forums/post4137.html). 
Failed examples:

```
145:d=5  hl=2 l=  16 prim: EOC
      0000 - 69 6e 66 6f 40 77 6f 6c-66 73 73 6c 2e 63 6f 6d   info@wolfssl.com
```

```
SET {
138  23:         SEQUENCE {
140   3:           OBJECT IDENTIFIER objectClass (2 5 4 0)
       :             Error: Spurious EOC in definite-length item.
```

Success Examples:

```
140:d=5  hl=2 l=   9 prim: OBJECT            :emailAddress
  151:d=5  hl=2 l=  16 prim: IA5STRING         :info@wolfssl.com
```

```
SET {
138  29:         SEQUENCE {
140   9:           OBJECT IDENTIFIER emailAddress (1 2 840 113549 1 9 1)
151  16:           IA5String 'info@wolfssl.com'
```
 2018-08-31 11:20:04 -07:00
Sean Parkinson
41ab3d91fd Small stack for fast math code 
Any large stack usages have been changed to dynamic memory allocations
when WOLFSSL_SMALL_STACK is defined.
Modified functions to return error codes.
 2018-08-31 17:55:49 +10:00
Sean Parkinson
d86fc2dbbe Smaller dynamic memory usage in TLS 
Code doesn't require a DecodedCert which saves on dynamic memory usage.
WOLFSSL_SMALL_CERT_VERIFY: Don't have a DecodedCert allocated and verify
certificate signature in ProcessPeerCerts as this is maximum dynamic
memory usage.
WOLFSSL_SMALL_CERT_VERIFY is enabled with 'lowresource' configuration
option.
Fix sp_clear to work with NULL parameter.
Define a new function HashId that maps to the hashing function
available.
Set MAX_CERT_VERIFY_SZ to be the maximum based on what algorithms are
compiled in.
Fix usage of MAX_CERT_VERIFY_SZ in functions sending certificate verify
messages.
 2018-08-31 08:29:28 +10:00
toddouska
31e37ea5df Merge pull request #1797 from SparkiDev/stack_size 
Small stack usage fixes
 2018-08-29 16:19:46 -07:00
toddouska
d084a4bcb8 Merge pull request #1794 from SparkiDev/sp_armasm_modexp 
Fix for SP ASM arm and no DH
 2018-08-29 16:13:34 -07:00
toddouska
03fbad22a6 Merge pull request #1792 from SparkiDev/gcc_8_fixes 
GCC 8 new warnings in -Wall fix
 2018-08-29 16:12:19 -07:00
toddouska
e4ccb2fe83 Merge pull request #1784 from dgarske/stsafe_server 
Added ST-Safe PK callback example for Key Generation (TLS server only)
 2018-08-29 16:07:14 -07:00
Sean Parkinson
4dbe86f1fd Small stack usage fixes 
Stack pointer logging added.
 2018-08-29 10:16:51 +10:00
Sean Parkinson
57620caac8 Fix for SP ASM arm and no DH 
Fix mod exp in ARM asm to work for different size exponents.
In ASM code, mont_norm is not used in RSA so protect from no DH.
 2018-08-28 11:24:38 +10:00
Sean Parkinson
551201c00c GCC 8 new warnings in -Wall fix 2018-08-27 12:51:01 +10:00
John Safranek
bd5e507617 OID 
1. When checking an OID sum against an OID string based on context, skip the unknown OIDs instead of treating them as parse errors.
2. When getting an OID, pass the lower error upstream instead of just PARSE error.
 2018-08-24 11:51:25 -07:00
David Garske
347fdccf1c Added missing README.md. 2018-08-24 11:11:30 -07:00
David Garske
c96aeb4550 Added documentation and benchmarks for STM32 and STSAFE-A100 support. 2018-08-24 11:03:14 -07:00
David Garske
88e6bd2915 Added ST-Safe server side PK callback example for key gen. Added helper API's for setting up the PK callbacks and custom context. 2018-08-23 15:57:14 -07:00
David Garske
c7dde6c682 Merge pull request #1656 from danielinux/contiki-port 
Contiki port
 2018-08-23 12:31:56 -07:00
toddouska
cc39f3211a Merge pull request #1780 from dgarske/pkcs7_ex 
Added new PKCS7 ex API's to support signing and validation of large data
 2018-08-23 08:41:25 -07:00
toddouska
5d8a2a7702 Merge pull request #1778 from SparkiDev/sp_mem 
Make ALT_ECC_SIZE with SP work
 2018-08-23 08:25:44 -07:00
toddouska
554d40a62e Merge pull request #1777 from dgarske/async_fixes 
Build fixes for async
 2018-08-23 08:23:20 -07:00
toddouska
0d171e591b Merge pull request #1776 from SparkiDev/inline_cmpl_fix 
Fix for clang builds with configs not using inline funcs
 2018-08-23 08:22:39 -07:00
toddouska
8477d5ba1b Merge pull request #1773 from ejohnstown/critical-option 
Certificate Extension Critical Check Optionality
 2018-08-23 08:21:19 -07:00
David Garske
57d72028f6 Fix for missing return code on wc_Pic32HashFree. 2018-08-22 16:38:55 -07:00
David Garske
d0d28c82cd Added new PKCS7 ex API's for supporting signing and validation of large data blobs. New API's are wc_PKCS7_EncodeSignedData_ex and wc_PKCS7_VerifySignedData_ex. Includes header docx and unit tests for new API's. Cleanup for the PKCS7 small stack and const oid's. 2018-08-22 15:46:37 -07:00
David Garske
53af520911 Fix to resolve issue with PIC32MZ crypto hardware (AES/DES3 only) where an unaligned input/output buffer was not handled correctly. This results in a BUFFER_E. This was seen with DTLS v1.0 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher suite. Fix is to allocate a dynamic buffer from heap if the input/output are not aligned. Tested and verified with a PIC32MZ2048EFM144 and the wolfssl_udp_client example for Harmony using DTLS v1.0 and the setudppacketoptions 192.168.0.107 11111 hello -> sendudppacket commands. Cleanups in older ctoacrypt/settings.h for PIC32MZ. 2018-08-22 13:39:03 -07:00
Daniele Lacamera
3d27a8dc53 Contiki port 2018-08-22 09:15:09 +02:00
Sean Parkinson
783c4a0c5e Make ALT_ECC_SIZE with SP work 
Change to more relevant dynamic types in SP also.
 2018-08-22 16:02:51 +10:00
David Garske
9ae4ef2d5c Build fixes for --enable-async --enable-all --with-intelqa. Resolves conflict for stat variable name. Fix for DH with async. Fix for async devSize. 2018-08-21 19:51:13 -07:00
Sean Parkinson
31bd844d6f Fix for clang builds with configs not using inline funcs 2018-08-22 11:16:57 +10:00
John Safranek
a0f1c9dbe4 Make the check of the certificate extension critical flag optional based on compile option. 2018-08-21 10:57:04 -07:00